CVE-2000-0419

high

Microsoft

CVSS v3 Base Score

7.5

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Score

10.9%

Exploitation probability in 30 days

Top 7% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: May 11, 2000 (9499 days ago)

Last Modified: April 16, 2026

Vendor: Microsoft

Source: NVD

Description

The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.

CWE

NVD-CWE-Other

Affected Products

microsoft accessmicrosoft excelmicrosoft frontpagemicrosoft officemicrosoft outlookmicrosoft photodraw 2000microsoft powerpointmicrosoft projectmicrosoft wordmicrosoft works

References

🔗 www.cert.org 🔗 www.microsoft.com 🔗 www.securityfocus.com 🔗 docs.microsoft.com 🔗 www.cert.org

CVE-2000-0419

Vulnerability Report

Description

CWE

Affected Products

References